← Find more feeds

kb.cert.org

CERT Recently Published Vulnerability Notes

Get the latest updates from CERT Recently Published Vulnerability Notes directly as they happen.

Follow now 115 followers

Latest posts

Last updated about 1 month ago

VU#123336: Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J

about 1 month ago

Overview A command injection vulnerability has been identified in the Wi-Fi Test...

Read full

VU#138043: A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

2 months ago

Overview A stack-based overflow vulnerability exists in the tinydhcp server in the...

Read full

VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature

3 months ago

Overview A vulnerability in the user of hard-coded Platform Keys (PK) within...

Read full

VU#244112: Multiple SMTP services are susceptible to spoofing attacks due to insufficient enforcement

4 months ago

Overview Multiple hosted, outbound SMTP servers are vulnerable to email impersonation. This...

Read full

VU#312260: Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

5 months ago

Overview A use-after-free vulnerability in lighttpd in versions 1.4.50 and earlier permits...

Read full

VU#456537: RADIUS protocol susceptible to forgery attacks.

5 months ago

Overview A vulnerability in the RADIUS protocol allows an attacker allows an...

Read full

VU#163057: BMC software fails to validate IPMI session.

7 months ago

Overview The Intelligent Platform Management Interface (IPMI) implementations in multiple manufacturer's Baseboard...

Read full

VU#238194: R Programming Language implementations are vulnerable to arbitrary code execution during deserialization of .rds and .rdx files

7 months ago

Overview A vulnerability in the R language that allows for arbitrary code...

Read full

VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models

7 months ago

Overview Lambda Layers in third party TensorFlow-based Keras models allow attackers to...

Read full

VU#123335: Multiple Programming Languages Fail to Escape Arguments Properly in Microsoft Windows

8 months ago

Overview Various programming languages lack proper validation mechanisms for commands and in...

Read full

VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks

8 months ago

Overview A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures...

Read full

VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks

8 months ago

Overview HTTP allows messages to include named fields in both header and...

Read full

Or log in

Everything you care about in one place

CERT Recently Published Vulnerability Notes

Latest posts

VU#123336: Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J

VU#138043: A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature

VU#244112: Multiple SMTP services are susceptible to spoofing attacks due to insufficient enforcement

VU#312260: Use-after-free vulnerability in lighttpd version 1.4.50 and earlier

VU#456537: RADIUS protocol susceptible to forgery attacks.

VU#163057: BMC software fails to validate IPMI session.

VU#238194: R Programming Language implementations are vulnerable to arbitrary code execution during deserialization of .rds and .rdx files

VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models

VU#123335: Multiple Programming Languages Fail to Escape Arguments Properly in Microsoft Windows

VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks

VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks

Try Feeder for free